FrostDAO is a Rust implementation of FROST threshold signatures with hierarchical TSS for Bitcoin Taproot. The repository contains a CLI, terminal UI, Nostr relay protocol layer, Bitcoin transaction tooling, and integration tests for DKG, signing, resharing, recovery, backups, Miniscript policy preview, and NIP-44 encryption.
- Treat protocol and crypto changes as high risk. Prefer small, reviewable edits with focused tests.
- Do not change public protocol formats, wallet storage formats, or generated address behavior unless the task explicitly requires it.
- Keep secrets, shares, private keys, mnemonics, and nonces out of logs, panics, and test output.
- Preserve user data under
~/.frostdao/; tests and scripts should avoid relying on or mutating real wallets. - Prefer existing module boundaries:
src/protocol/for DKG, signing, reshare, and recovery flows.src/crypto/for Birkhoff, HD derivation, helpers, and encryption primitives.src/btc/for Bitcoin address, script, Schnorr, and transaction logic.src/tui/for terminal UI state, screens, and components.src/nostr/for relay transport and versioned message envelopes; keep cryptography outside this layer.
- Keep the project testnet/signet-first. Mainnet transaction and relay actions require explicit environment opt-ins documented in
docs/RUN_GUIDE.md.
Run these before handing off code changes when practical:
cargo fmt --all -- --check
cargo clippy --all-targets --all-features -- -D warnings
cargo testThe same checks are available as a script:
./scripts/quality.shUse the full script before releases or recorded walkthroughs:
./scripts/quality.sh --fullUse targeted tests while iterating:
./scripts/test.sh signing
./scripts/test.sh dkg
./scripts/test.sh reshareBuild commands:
cargo build
./scripts/build.sh- Keep error handling explicit with
Resultand contextual messages where failures cross user-facing boundaries. - Avoid
unwrapandexpectoutside tests unless the invariant is local and obvious. - Prefer typed structs and serde over ad hoc string parsing for protocol payloads.
- Add tests for behavioral changes, especially in protocol, Bitcoin, storage, and serialization code.
When reviewing or improving code quality, prioritize:
- Security-sensitive correctness issues.
- Serialization and compatibility regressions.
- Error handling that can hide failed protocol state.
- Panics in CLI, TUI, or network-facing paths.
- Duplicated logic that can diverge across protocol flows.